package org.example.core.security.filter;

/**
 * Description:
 * Date: 2024/1/27 20:59
 */

import org.example.base.common.model.UserModel;
import org.example.base.common.service.UserService;
import org.example.core.mysql.Where;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * <p>
 * 登录过滤器，继承UsernamePasswordAuthenticationFilter，对用户名密码进行登录校验
 * </p>
 */
public class TokenLoginFilter extends UsernamePasswordAuthenticationFilter {

    private RedisTemplate redisTemplate;

    private UserService userService;


    public TokenLoginFilter(RedisTemplate redisTemplate, UserService userService, AuthenticationFailureHandler failureHandler,
            AuthenticationSuccessHandler successHandler) {
        this.userService = userService;
        this.redisTemplate = redisTemplate;
        if (!ObjectUtils.isEmpty(failureHandler)) {
            super.setAuthenticationFailureHandler(failureHandler);
        }
        if (!ObjectUtils.isEmpty(successHandler)){
            super.setAuthenticationSuccessHandler(successHandler);
        }
    }

    /**
     * 接收并解析用户凭证
     */
    @Override
    public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res)
            throws AuthenticationException {
        String authorization = req.getHeader("Authorization");
        if (StringUtils.hasText(authorization)){

        }

        String username = req.getParameter("account");
        username = (username != null) ? username.trim() : "";
        String password = req.getParameter("password");
        password = (password != null) ? password : "";
        UserModel userModel = userService.searchOne(Where.build().field("account").equal(username)
                .and().field("password").equal(password)
                .and().field("del_flag").equal(0));
        if (ObjectUtils.isEmpty(userModel)) {
            throw new AuthenticationServiceException("登陆失败，请重新登陆");
        }
        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(userModel.getId(), password );
        return this.getAuthenticationManager().authenticate(authRequest);
    }

    @Override
    public void setAuthenticationFailureHandler(AuthenticationFailureHandler failureHandler) {
        super.setAuthenticationFailureHandler(failureHandler);
    }
}

